From af3b007a3e8c1d35b6e0dbf12f92a621f662833e Mon Sep 17 00:00:00 2001
From: Michele <michele@mlhub.it>
Date: Sat, 31 Jan 2026 19:46:06 +0100
Subject: [PATCH] Make OAuth URLs production-ready using NEXT_PUBLIC_APP_URL

- Remove hardcoded /leopost path from Google OAuth redirect
- Use environment variable for flexible deployment URL
- Fallback to window.location.origin for local development

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 src/components/auth/google-button.tsx | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/components/auth/google-button.tsx b/src/components/auth/google-button.tsx
index d1e7282..b0cb796 100644
--- a/src/components/auth/google-button.tsx
+++ b/src/components/auth/google-button.tsx
@@ -32,13 +32,16 @@ export function GoogleSignInButton() {
   const [loading, setLoading] = useState(false)
   const supabase = createClient()
 
+  // Use configured APP_URL for OAuth callback
+  const appUrl = process.env.NEXT_PUBLIC_APP_URL || window.location.origin
+
   async function handleGoogleSignIn() {
     setLoading(true)
 
     const { error } = await supabase.auth.signInWithOAuth({
       provider: 'google',
       options: {
-        redirectTo: `${window.location.origin}/leopost/auth/callback/`,
+        redirectTo: `${appUrl}/auth/callback/`,
         queryParams: {
           access_type: 'offline',
           prompt: 'consent',